A few good reasons why you should consider upgrading to Microsoft Active Directory 2012


Here are a few good reasons why you should consider upgrading to Microsoft Active Directory 2012:

There is now a Graphical User Interface for the AD Recycle Bin feature, which was introduced in Server 2008 R2. At that moment it was only possible to use it from the command line.  Now you can restore deleted object from the “Deleted Objects” container. The restoration now also supports the restoration of what Microsoft calls back-links. Back-links for example are the group memberships of a user accounts.  So as of now you can do a easy restore of deleted AD objects. Also the tool has the ability to find out what the object “parent / child” relationship is. For example an deleted upper level OU where the deleted object was sitting in. You can enable this option in  the GUI from the Active Directory Administration Center. (not active directory users and computers)



Besides that, there is now also a GUI for (Fine Grained) Password Policy’s. Fine Grained Password Policy’s where introduced in Windows Server 2008 at that time you had to dive into ADSIEDIT to build and assign them. Now you do all this easly with a GUI and you can assign them on User or User Group basis. To configure go to the Active Directory Administrative Center and navigate to the “Systems” container. Then enter the Password Settings Container. In here, right click, select new, Password Settings and off you go.



These are some big improvements, besides these you also might want to look at Dynamic Access Control. With this feature you can grant files access based on Active Directory Object – Attributes fields. For example the Department or Manged By field can be used to grant access to a particular file or folder. This technology can be seen as an additional way to perform file system management.

That’s it for now on Active Directory 2012,